Question 98 of 137 from exam AZ-800: Administering Windows Server Hybrid Core Infrastructure
Question
HOTSPOT -
Your network contains an Active Directory Domain Services (AD DS) domain named adatum.com. The domain contains a server named Server1 and the users shown in the following table.
Server1 contains a folder named D:\Folder1. The advanced security settings for Folder1 are configured as shown in the Permissions exhibit. (Click the
Permissions tab.)
Folder1 is shared by using the following configurations:
The share permissions for Share1 are shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
Explanations
To access files in a shared folder, you need to be granted permissions on the folder (NTFS permissions) AND permissions on the share. The most restrictive permission of the folder permissions and share permissions apply.
Box 1: Yes -
Group1 has Read access to Folder1 and Change access to Share1. Therefore, User1 can read the files in Share1.
Box 2: No -
Group3 has Full Control access to Share1. However, Group3 has no permissions configured Folder1. Therefore, User3 cannot access the files in Share1.
Box 3: Yes -
Group2 has write permission to Folder1. However, Group2 has no permission on Share1. Therefore, users in Group2 cannot access files in the shared folder.
Access Based Enumeration when enabled hides files and folders that users do not have permission to access. However, Access Based Enumeration is not enabled on Share1. This is indicated by the FolderEnumerationMode " Unrestricted setting. Therefore, the share will be visible to User2 even though User2 cannot access the shared folder.